subversion-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Greg Stein <gst...@gmail.com>
Subject Re: The patch-exec branch
Date Sat, 01 Aug 2015 07:24:01 GMT
On Fri, Jul 31, 2015 at 6:36 PM, Daniel Shahaf <d.s@daniel.shahaf.name>
wrote:
>...

> Two questions:
>
> - When one side of the diff is in the OS filesystem, do we still fold
>   its value to 644/755 for output?
>
> - If yes, how do we choose between 644 and 755?  (e.g., do we use
>   "x & 0111 == 0111", or "x & 0100 == 0100", or access(X_OK), or …)
>
> My answer to the first question is "yes", as discussed above.
>

Whatever the answer, I don't think the client should _ever_ set group/world
*write* [directed by the "server"]. Maybe not execute, too. That just
screams for creating a point of abuse. (maybe umask applies, but I'd prefer
to ignore that; we're getting perm bits from (potentially) an untrusted
server)

Cheers,
-g

Mime
View raw message